Germany’s cyber agency alarmed by AI tool from the US
An AI model developed by US firm Anthropic tracks down security vulnerabilities in software. Germany’s cyber security agency has warned of the consequences.
Berlin (dpa, d.de) - US firm Anthropic has unveiled “Claude Mythos”, an AI model capable of identifying vulnerabilities in software. The Federal Office for Information Security (BSI) expects this to have significant implications for the cyber threat situation.
“We are in contact with the manufacturer Anthropic with respect to Claude Mythos,” announced BSI President Claudia Plattner. She said that although her authority had not yet been able to test the new tool, it had been able to gain insights into the way it works during personal discussions with the developers.
Anthropic announced that Mythos had revealed thousands of serious weaknesses – including in every widely used operating system and web browser. Given the rapid advances in artificial intelligence, it can be assumed that such capabilities would soon also be available to online attackers.
To prevent this, Anthropic has launched a cooperative venture called Project Glasswing. Corporations such as Apple, Amazon and Microsoft will be given access to Mythos to identify and plug any security gaps in their software. Anthropic is not planning to make the tool publicly available.
Plattner said that BSI was taking Anthropic’s announcements very seriously and expected “upheavals in dealing with security vulnerabilities and in the vulnerability landscape as a whole”. “This in turn raises questions of national and European security and sovereignty.”
